HelperMate — Privacy Policy

Version: 2.0 Effective Date: March 2026 Operator: TEMFARMING (UEN: 53508432C), Singapore

1. Introduction

HelperMate is operated by TEMFARMING (UEN: 53508432C), a sole proprietorship registered in Singapore ("we", "our", "us"). We are committed to protecting your personal data in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore.

This Privacy Policy explains how we collect, use, disclose, retain, and protect information about you when you use the HelperMate mobile application. By using the App, you consent to the data practices described in this Policy.

2. Data We Collect

We collect the following categories of personal data:

Category	Data Points	Purpose
Account Information	Email address, display name, phone number (if Phone Auth used), Google account ID (if Google Sign-In used), profile photo (optional)	Account creation, authentication, and communication
Household Information	Household name, invite code, linked member roles	Household management and member coordination
Task and Schedule Data	Task descriptions, routines, schedules, completion status	Task coordination between Employer and Helper
Financial Records	Salary entries, expense records, receipt images (processed on-device only)	Salary record-keeping and expense tracking
MOM Compliance Data	Work Permit expiry dates, 6-Month Medical Examination dates, Passport expiry dates, rest day records, alert preferences	MOM regulatory compliance tracking and reminders
Device Information	Device type, operating system, app version, FCM push notification token	Push notifications, crash diagnostics, and app compatibility
Usage Analytics	Feature usage patterns, session duration, screen views (anonymised)	App improvement and performance optimisation

Data we do NOT collect:

Payment card details (handled exclusively by Apple/Google)
Biometric data
Location data (GPS)
Contacts or address book data (SOS contacts are entered manually by the user)
Receipt image content (OCR processing occurs entirely on-device via Google ML Kit; images are not uploaded to our servers)

3. How We Use Your Data

Your personal data is used for the following purposes:

Provide and operate the core features of HelperMate (task management, salary record-keeping, household coordination, MOM compliance tracking)
Deliver push notifications relevant to your household (task reminders, MOM compliance alerts)
Process on-device OCR for receipt scanning (no data leaves your device)
Provide multilingual interface support
Improve app performance, diagnose bugs, and enhance user experience
Comply with legal obligations under Singapore law
Analyse aggregated and anonymised usage data (which cannot identify any individual) for internal analytics, product improvement, and business reporting, including reports shared with investors or potential business partners ("Analytics Purpose"). Such aggregated data does not constitute personal data under the PDPA
Send you marketing communications about HelperMate features, updates, and offers via push notification or email, subject to your prior consent where required under applicable law. You may opt out at any time through Account Settings or by contacting support@helpermate.app ("Marketing Purpose")

4. Data Sharing and Disclosure

4.1 Within Your Household

Household data (tasks, schedules, MOM compliance items) is shared between the linked Employer and Helper within your household. Financial records (salary history, expenses) are visible to the Employer only.

4.2 Third-Party Service Providers

We use the following third-party services to operate the App. Each is bound by their own privacy policies and data processing terms:

Service	Provider	Data Shared	Purpose
Firebase Authentication	Google LLC	Email, phone number, auth tokens	User authentication and session management
Cloud Firestore	Google LLC	All household data (encrypted in transit and at rest)	Cloud database for data storage and sync
Firebase Cloud Messaging	Google LLC	FCM device token	Push notification delivery
Firebase Crashlytics	Google LLC	Crash logs, device info, stack traces (no personal data)	App stability monitoring and bug diagnosis
Firebase Cloud Functions	Google LLC	Household data (processed server-side)	Automated compliance checks and data processing
Google ML Kit	Google LLC	Receipt images (on-device only, never transmitted)	On-device OCR text recognition

4.3 Legal Disclosure

We may disclose your personal data if required to do so by:

Singapore law, court order, or other valid legal process
A request from a Singapore government authority or regulator (including the PDPC)
To protect the rights, property, or safety of TEMFARMING, our users, or the public

5. Data Storage and Security

5.1 Storage Location

Your data is stored on Firebase servers operated by Google LLC. Firebase infrastructure is hosted in data centres that comply with international security standards (ISO 27001, SOC 2). Firebase uses industry-standard encryption in transit (TLS 1.2+) and at rest (AES-256).

5.2 Access Controls

Access to household data is restricted by Firestore Security Rules. These rules enforce that:

Employers can only access data belonging to their own household
Helpers can only access shared household data (not financial records)
No user can access data from another household
MOM compliance data is accessible only to household members

5.3 On-Device Processing

The OCR receipt scanning feature uses Google ML Kit, which performs all processing entirely on your device. Receipt images are not transmitted to HelperMate servers or any third party.

5.4 Security Measures

We implement the following security measures:

Firebase Authentication with secure token-based sessions
API keys managed via environment variables (not hardcoded in the App)
Regular security rule reviews and testing
Structured error logging for anomaly detection
Offline data persistence with encrypted local cache

However, no method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

6. Data Retention

Data Type	Retention Period	Trigger for Deletion
Account data	Duration of account	Account deletion request
Household data	Duration of household + 30 days	Household dissolution
MOM compliance data	Duration of household + 30 days	Household dissolution or account deletion
Financial records	Duration of account + 30 days	Account deletion request
Crash logs	90 days	Automatic expiry
Anonymised analytics	Indefinite (non-personal data)	N/A

You may request deletion of your account and associated data at any time. We will process deletion requests within 30 days. Contact: privacy@helpermate.app

7. Your Rights Under the PDPA

As a data subject under Singapore's PDPA, you have the following rights:

Right	Description	How to Exercise
Access	Request a copy of personal data we hold about you	Email dpo@helpermate.app
Correction	Request correction of inaccurate or incomplete data	Email dpo@helpermate.app or edit in-app
Withdrawal of Consent	Withdraw consent for specific data processing purposes	Account Settings or email dpo@helpermate.app
Deletion	Request deletion of your personal data	App > Menu > Profile > Delete Account, or email privacy@helpermate.app
Data Portability	Request your data in a portable format	Email dpo@helpermate.app

To exercise any of these rights, contact us at: privacy@helpermate.app or dpo@helpermate.app. We will respond within 30 days.

8. Special Category: Helper Personal Data

If an Employer enters personal data about their Helper (including Work Permit numbers, passport details, medical examination dates, or salary information), the Employer is responsible for:

Obtaining the Helper's informed consent before entering such data
Ensuring accuracy of the information entered
Using the data solely for household management and MOM compliance purposes
Complying with all applicable PDPA obligations regarding their Helper's personal data

TEMFARMING acts as a data intermediary in this context. The Employer remains the data controller responsible for ensuring lawful collection and use of their Helper's personal data.

9. Children's Privacy

HelperMate is not intended for use by persons under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that we have collected data from a child under 13 without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@helpermate.app.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. For significant changes, we will:

Notify you via in-app notification and/or email at least 14 days before changes take effect
Display a summary of key changes within the App

Continued use of the App after the effective date of any change constitutes your acceptance of the updated Privacy Policy. The date of the most recent revision appears at the top of this document.

11. Data Breach Notification

In the event of a data breach that is likely to result in significant harm to affected individuals or is of a significant scale, TEMFARMING will:

Notify the Personal Data Protection Commission (PDPC) within 3 business days of assessing that a notifiable data breach has occurred, as required under Section 26D of the PDPA (Amendment) Act 2020
Notify affected users as soon as practicable with details of the breach and recommended actions

To report a suspected security vulnerability or data breach, contact: dpo@helpermate.app

12. Contact Information

General Support: support@helpermate.app
Data Protection Officer: dpo@helpermate.app
Privacy Enquiries: privacy@helpermate.app
Website: helpermate.app

HelperMate by TEMFARMING (UEN: 53508432C) Last updated: March 2026